-
Notifications
You must be signed in to change notification settings - Fork 953
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
CVE-2021-23807 (High) detected in jsonpointer-4.1.0.tgz - autoclosed #1152
Labels
cve
Security vulnerabilities detected by Dependabot or Mend
high severity
High severity CVE
Mend: dependency security vulnerability
Security vulnerability detected by Mend
v2.0.0
Comments
AMoo-Miki
pushed a commit
to AMoo-Miki/OpenSearch-Dashboards
that referenced
this issue
Feb 10, 2022
…ect#1152) Bumps [lodash](https://github.com/lodash/lodash) from 4.17.20 to 4.17.21. - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](lodash/lodash@4.17.20...4.17.21) Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Closed
tmarkley
pushed a commit
to tmarkley/OpenSearch-Dashboards
that referenced
this issue
Feb 28, 2022
* Introduces standard scss rules from stylelint with only a few modifications. * `yarn lint` now runs `yarn lint:style` instead of `yarn lint:sass`. * Many of the files were updated with `yarn lint:style --fix`, but some of them had to be manually updated to adhere to the newly-introduced rules from the stylelint configuration. A major culprit was the `no-descending-specificity` rule. * Some of the automated fixes that changed function names (e.g. EUI functions like `lightOrDarkTheme`) had to be overridden because EUI doesn't adhere to all of the rules. We can address this after we fold in and replace `node-sass` with Dart Sass. Resolves opensearch-project#551 Resolves opensearch-project#1139 Resolves opensearch-project#1151 Resolves opensearch-project#1152 Resolves opensearch-project#1154 Signed-off-by: Tommy Markley <[email protected]>
tmarkley
pushed a commit
to tmarkley/OpenSearch-Dashboards
that referenced
this issue
Feb 28, 2022
* Introduces standard scss rules from stylelint with only a few modifications. * `yarn lint` now runs `yarn lint:style` instead of `yarn lint:sass`. * Many of the files were updated with `yarn lint:style --fix`, but some of them had to be manually updated to adhere to the newly-introduced rules from the stylelint configuration. A major culprit was the `no-descending-specificity` rule. * Some of the automated fixes that changed function names (e.g. EUI functions like `lightOrDarkTheme`) had to be overridden because EUI doesn't adhere to all of the rules. We can address this after we fold in and replace `node-sass` with Dart Sass. * Includes a couple fixes such as fixing the class selector for `osdnSuggestionItem--value .osdSuggestionItem__text`. Resolves opensearch-project#551 Resolves opensearch-project#1139 Resolves opensearch-project#1151 Resolves opensearch-project#1152 Resolves opensearch-project#1154 Signed-off-by: Tommy Markley <[email protected]>
tmarkley
pushed a commit
to tmarkley/OpenSearch-Dashboards
that referenced
this issue
Mar 1, 2022
* Introduces standard scss rules from stylelint with only a few modifications. * `yarn lint` now runs `yarn lint:style` instead of `yarn lint:sass`. * Many of the files were updated with `yarn lint:style --fix`, but some of them had to be manually updated to adhere to the newly-introduced rules from the stylelint configuration. A major culprit was the `no-descending-specificity` rule. * Some of the automated fixes that changed function names (e.g. EUI functions like `lightOrDarkTheme`) had to be overridden because EUI doesn't adhere to all of the rules. We can address this after we fold in and replace `node-sass` with Dart Sass. * Includes a couple fixes such as fixing the class selector for `osdnSuggestionItem--value .osdSuggestionItem__text`. Resolves opensearch-project#551 Resolves opensearch-project#1139 Resolves opensearch-project#1151 Resolves opensearch-project#1152 Resolves opensearch-project#1154 Signed-off-by: Tommy Markley <[email protected]>
tmarkley
pushed a commit
to tmarkley/OpenSearch-Dashboards
that referenced
this issue
Mar 2, 2022
* Introduces standard scss rules from stylelint with only a few modifications. * `yarn lint` now runs `yarn lint:style` instead of `yarn lint:sass`. * Many of the files were updated with `yarn lint:style --fix`, but some of them had to be manually updated to adhere to the newly-introduced rules from the stylelint configuration. A major culprit was the `no-descending-specificity` rule. * Some of the automated fixes that changed function names (e.g. EUI functions like `lightOrDarkTheme`) had to be overridden because EUI doesn't adhere to all of the rules. We can address this after we fold in and replace `node-sass` with Dart Sass. * Includes a couple fixes such as fixing the class selector for `osdnSuggestionItem--value .osdSuggestionItem__text`. Resolves opensearch-project#551 Resolves opensearch-project#1139 Resolves opensearch-project#1151 Resolves opensearch-project#1152 Resolves opensearch-project#1154 Signed-off-by: Tommy Markley <[email protected]>
tmarkley
pushed a commit
to tmarkley/OpenSearch-Dashboards
that referenced
this issue
Mar 2, 2022
* Introduces standard scss rules from stylelint with only a few modifications. * `yarn lint` now runs `yarn lint:style` instead of `yarn lint:sass`. * Many of the files were updated with `yarn lint:style --fix`, but some of them had to be manually updated to adhere to the newly-introduced rules from the stylelint configuration. A major culprit was the `no-descending-specificity` rule. * Some of the automated fixes that changed function names (e.g. EUI functions like `lightOrDarkTheme`) had to be overridden because EUI doesn't adhere to all of the rules. We can address this after we fold in and replace `node-sass` with Dart Sass. * Includes a couple fixes such as fixing the class selector for `osdnSuggestionItem--value .osdSuggestionItem__text`. Resolves opensearch-project#551 Resolves opensearch-project#1139 Resolves opensearch-project#1151 Resolves opensearch-project#1152 Resolves opensearch-project#1154 Signed-off-by: Tommy Markley <[email protected]>
tmarkley
pushed a commit
to tmarkley/OpenSearch-Dashboards
that referenced
this issue
Mar 4, 2022
* Introduces standard scss rules from stylelint with only a few modifications. * `yarn lint` now runs `yarn lint:style` instead of `yarn lint:sass`. * Many of the files were updated with `yarn lint:style --fix`, but some of them had to be manually updated to adhere to the newly-introduced rules from the stylelint configuration. A major culprit was the `no-descending-specificity` rule. * Some of the automated fixes that changed function names (e.g. EUI functions like `lightOrDarkTheme`) had to be overridden because EUI doesn't adhere to all of the rules. We can address this after we fold in and replace `node-sass` with Dart Sass. * Includes a couple fixes such as fixing the class selector for `osdnSuggestionItem--value .osdSuggestionItem__text`. Resolves opensearch-project#551 Resolves opensearch-project#1139 Resolves opensearch-project#1151 Resolves opensearch-project#1152 Resolves opensearch-project#1154 Signed-off-by: Tommy Markley <[email protected]>
tmarkley
pushed a commit
to tmarkley/OpenSearch-Dashboards
that referenced
this issue
Mar 4, 2022
* Introduces standard scss rules from stylelint with only a few modifications. * `yarn lint` now runs `yarn lint:style` instead of `yarn lint:sass`. * Many of the files were updated with `yarn lint:style --fix`, but some of them had to be manually updated to adhere to the newly-introduced rules from the stylelint configuration. A major culprit was the `no-descending-specificity` rule. * Some of the automated fixes that changed function names (e.g. EUI functions like `lightOrDarkTheme`) had to be overridden because EUI doesn't adhere to all of the rules. We can address this after we fold in and replace `node-sass` with Dart Sass. * Includes a couple fixes such as fixing the class selector for `osdnSuggestionItem--value .osdSuggestionItem__text`. Resolves opensearch-project#551 Resolves opensearch-project#1139 Resolves opensearch-project#1151 Resolves opensearch-project#1152 Resolves opensearch-project#1154 Signed-off-by: Tommy Markley <[email protected]>
tmarkley
pushed a commit
to tmarkley/OpenSearch-Dashboards
that referenced
this issue
Mar 16, 2022
* Introduces standard scss rules from stylelint with only a few modifications. * `yarn lint` now runs `yarn lint:style` instead of `yarn lint:sass`. * Many of the files were updated with `yarn lint:style --fix`, but some of them had to be manually updated with overrides to adhere to the newly-introduced rules from the stylelint configuration. * Includes a couple fixes such as fixing the class selector for `osdnSuggestionItem--value .osdSuggestionItem__text`. Resolves opensearch-project#551 Resolves opensearch-project#1139 Resolves opensearch-project#1151 Resolves opensearch-project#1152 Resolves opensearch-project#1154 Signed-off-by: Tommy Markley <[email protected]>
tmarkley
pushed a commit
to tmarkley/OpenSearch-Dashboards
that referenced
this issue
Mar 16, 2022
* Introduces standard scss rules from stylelint with only a few modifications. * `yarn lint` now runs `yarn lint:style` instead of `yarn lint:sass`. * Many of the files were updated with `yarn lint:style --fix`, but some of them had to be manually updated with overrides to adhere to the newly-introduced rules from the stylelint configuration. * Includes a couple fixes such as fixing the class selector for `osdnSuggestionItem--value .osdSuggestionItem__text`. Resolves opensearch-project#551 Resolves opensearch-project#1139 Resolves opensearch-project#1151 Resolves opensearch-project#1152 Resolves opensearch-project#1154 Signed-off-by: Tommy Markley <[email protected]>
tmarkley
pushed a commit
to tmarkley/OpenSearch-Dashboards
that referenced
this issue
Mar 17, 2022
* Introduces standard scss rules from stylelint with only a few modifications. * `yarn lint` now runs `yarn lint:style` instead of `yarn lint:sass`. * Many of the files were updated with `yarn lint:style --fix`, but some of them had to be manually updated with overrides to adhere to the newly-introduced rules from the stylelint configuration. * Includes a couple fixes such as fixing the class selector for `osdnSuggestionItem--value .osdSuggestionItem__text`. Resolves opensearch-project#551 Resolves opensearch-project#1139 Resolves opensearch-project#1151 Resolves opensearch-project#1152 Resolves opensearch-project#1154 Signed-off-by: Tommy Markley <[email protected]>
tmarkley
pushed a commit
to tmarkley/OpenSearch-Dashboards
that referenced
this issue
Mar 23, 2022
* Introduces standard scss rules from stylelint with only a few modifications. * `yarn lint` now runs `yarn lint:style` instead of `yarn lint:sass`. * Many of the files were updated with `yarn lint:style --fix`, but some of them had to be manually updated with overrides to adhere to the newly-introduced rules from the stylelint configuration. * Includes a couple fixes such as fixing the class selector for `osdnSuggestionItem--value .osdSuggestionItem__text`. Resolves opensearch-project#551 Resolves opensearch-project#1139 Resolves opensearch-project#1151 Resolves opensearch-project#1152 Resolves opensearch-project#1154 Signed-off-by: Tommy Markley <[email protected]>
tmarkley
pushed a commit
to tmarkley/OpenSearch-Dashboards
that referenced
this issue
Mar 25, 2022
* Introduces standard scss rules from stylelint with only a few modifications. * `yarn lint` now runs `yarn lint:style` instead of `yarn lint:sass`. * Many of the files were updated with `yarn lint:style --fix`, but some of them had to be manually updated with overrides to adhere to the newly-introduced rules from the stylelint configuration. * Includes a couple fixes such as fixing the class selector for `osdnSuggestionItem--value .osdSuggestionItem__text`. Resolves opensearch-project#551 Resolves opensearch-project#1139 Resolves opensearch-project#1151 Resolves opensearch-project#1152 Resolves opensearch-project#1154 Signed-off-by: Tommy Markley <[email protected]>
ashwin-pc
pushed a commit
to ashwin-pc/OpenSearch-Dashboards
that referenced
this issue
Apr 1, 2022
* Introduces standard scss rules from stylelint with only a few modifications. * `yarn lint` now runs `yarn lint:style` instead of `yarn lint:sass`. * Many of the files were updated with `yarn lint:style --fix`, but some of them had to be manually updated with overrides to adhere to the newly-introduced rules from the stylelint configuration. * Includes a couple fixes such as fixing the class selector for `osdnSuggestionItem--value .osdSuggestionItem__text`. Resolves opensearch-project#551 Resolves opensearch-project#1139 Resolves opensearch-project#1151 Resolves opensearch-project#1152 Resolves opensearch-project#1154 Signed-off-by: Tommy Markley <[email protected]>
✔️ This issue was automatically closed by WhiteSource because the vulnerable library in the specific branch(es) was either marked as ignored or it is no longer part of the WhiteSource inventory. |
ashwin-pc
pushed a commit
to ashwin-pc/OpenSearch-Dashboards
that referenced
this issue
Apr 1, 2022
* Introduces standard scss rules from stylelint with only a few modifications. * `yarn lint` now runs `yarn lint:style` instead of `yarn lint:sass`. * Many of the files were updated with `yarn lint:style --fix`, but some of them had to be manually updated with overrides to adhere to the newly-introduced rules from the stylelint configuration. * Includes a couple fixes such as fixing the class selector for `osdnSuggestionItem--value .osdSuggestionItem__text`. Resolves opensearch-project#551 Resolves opensearch-project#1139 Resolves opensearch-project#1151 Resolves opensearch-project#1152 Resolves opensearch-project#1154 Signed-off-by: Tommy Markley <[email protected]>
ashwin-pc
added a commit
that referenced
this issue
Apr 1, 2022
* Replaces `sass-lint` with `stylelint` * Introduces standard scss rules from stylelint with only a few modifications. * `yarn lint` now runs `yarn lint:style` instead of `yarn lint:sass`. * Many of the files were updated with `yarn lint:style --fix`, but some of them had to be manually updated with overrides to adhere to the newly-introduced rules from the stylelint configuration. * Includes a couple fixes such as fixing the class selector for `osdnSuggestionItem--value .osdSuggestionItem__text`. Resolves #551 Resolves #1139 Resolves #1151 Resolves #1152 Resolves #1154 Signed-off-by: Tommy Markley <[email protected]> * fix(Style): Fixes flex style Signed-off-by: Ashwin Pc <[email protected]> * fix(lint): Fixes empty comment lint issue Signed-off-by: Ashwin Pc <[email protected]> * chore: rebase and updates yarn.lock Signed-off-by: Ashwin Pc <[email protected]> Co-authored-by: Tommy Markley <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Labels
cve
Security vulnerabilities detected by Dependabot or Mend
high severity
High severity CVE
Mend: dependency security vulnerability
Security vulnerability detected by Mend
v2.0.0
CVE-2021-23807 - High Severity Vulnerability
Simple JSON Addressing.
Library home page: https://registry.npmjs.org/jsonpointer/-/jsonpointer-4.1.0.tgz
Dependency Hierarchy:
Found in HEAD commit: ddb2cc42e9e43fdc2358fe14019ab9679e775671
Found in base branch: main
This affects the package jsonpointer before 5.0.0. A type confusion vulnerability can lead to a bypass of a previous Prototype Pollution fix when the pointer components are arrays.
Publish Date: 2021-11-03
URL: CVE-2021-23807
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23807
Release Date: 2021-11-03
Fix Resolution (jsonpointer): 5.0.0
Direct dependency fix Resolution (sass-lint): 1.13.0
The text was updated successfully, but these errors were encountered: